WFLY-3221 issue exists in WildFly 10.1.0
valsaraj007 Apr 11, 2017 9:58 AMHi,
The cache flush issue seems to be existing in WildFly 10.1.0.
Here, fix version is 9 but still session invalidates but JAAS login with old password works using cache.
If the code s wrtten in application to flush using session listener, it works.
@WebListener
public class CacheInvalidationSessionListener implements HttpSessionListener {
@Resource(name = "java:jboss/jaas/appLDAP/authenticationMgr")
private CacheableManager<?, Principal> cm;
public CacheInvalidationSessionListener() {
}
@Override
public void sessionCreated(HttpSessionEvent se) {
}
@Override
public void sessionDestroyed(HttpSessionEvent se) {
//we need to get the current account
//there are two options here, we can look for the account in the current request
//or we can look for the account that has been saved in the session
//for maximum compatibility we do both
ServletRequestContext src = ServletRequestContext.current();
if (src != null) {
Account account = src.getExchange().getSecurityContext().getAuthenticatedAccount();
if (account != null) {
clearAccount(account);
}
}
if (se.getSession() instanceof HttpSessionImpl) {
final HttpSessionImpl impl = (HttpSessionImpl) se.getSession();
Session session;
if (WildFlySecurityManager.isChecking()) {
session = WildFlySecurityManager.doChecked(new PrivilegedAction<Session>() {
@Override
public Session run() {
return impl.getSession();
}
});
} else {
session = impl.getSession();
}
if (session != null) {
AuthenticatedSessionManager.AuthenticatedSession authenticatedSession = (AuthenticatedSessionManager.AuthenticatedSession) session.getAttribute(CachedAuthenticatedSessionHandler.class.getName() + ".AuthenticatedSession");
if(authenticatedSession != null) {
clearAccount(authenticatedSession.getAccount());
}
}
}
}
private void clearAccount(Account account) {
if (account instanceof AccountImpl) {
cm.flushCache(((AccountImpl) account).getOriginalPrincipal());
TolvenLogger.info(">>>>>>>>> CLEAR CACHE: " + ((AccountImpl) account).getOriginalPrincipal().getName(), this.getClass());
}
if (account != null) {
cm.flushCache(account.getPrincipal());
TolvenLogger.info(">>>>>>>>> CLEAR CACHE: " + account.getPrincipal().getName(), this.getClass());
}
}
}
Any suggestion on this issue?
Thanks!